Restore Office 365 on-premises synchronisation
Windows associates on-premises accounts with Azure AD accounts by comparing the ObjectGUID of the local account with the immutableID in Azure. The immutableID is the base64 encoding of the 16-byte objectGUID, which is why the base64 value that ldapsearch prints for objectGUID can be written to Azure unchanged.
The following scripts use the email address as the unique identifier to re-link local and Azure accounts:
Get the ObjectGUIDs (example on Linux; works on Windows too):
ldapsearch -h <host> -p 3268 -D "cn=<admin>" -b "ou=<where the users are>" -W -x -s sub sAMAccountName objectGUID > /tmp/immutables
Format the output and build the email addresses (ldapsearch prints binary attributes base64-encoded as "objectGUID:: <value>", so the second field is already the immutableID value):
awk '/^objectGUID/{a=$2} /^sAMA/{print $2"@<company.com>",a}' /tmp/immutables > /tmp/match
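As an added example that is not part of the original page, a more defensive version of the awk step above: it processes one LDIF entry at a time so the attribute order inside an entry does not matter, unfolds LDIF continuation lines (a leading space), and skips any entry whose objectGUID value is not a base64-encoded 16-byte GUID (24 characters ending in "=="), since anything else would be rejected or mismatched as an immutableID. The LDIF sample is constructed, not real directory data.

```shell
#!/bin/sh
# Constructed sample of ldapsearch LDIF output (attribute order differs per
# entry, one base64 value is folded, one entry has no objectGUID at all).
SAMPLE_LDIF='dn: CN=Alice Example,OU=Users,DC=example,DC=com
sAMAccountName: alice
objectGUID:: 9fR0ZgwUuUGZ0rC9ZPbnuA==

dn: CN=Bob Example,OU=Users,DC=example,DC=com
objectGUID:: 3VHsePIp1E+j
 sv9QLM4rsA==
sAMAccountName: bob

dn: CN=No Guid,OU=Users,DC=example,DC=com
sAMAccountName: noguid
'

# ldif_to_match <mail-domain>: reads LDIF on stdin, prints "<mail> <immutableID>"
# per usable entry; entries that cannot be matched are reported on stderr.
ldif_to_match() {
    awk -v dom="$1" '
        BEGIN { RS = ""; FS = "\n" }            # blank line separates entries
        {
            sam = ""; guid = ""
            for (i = 1; i <= NF; i++) {
                line = $i
                # LDIF folds long values: continuation lines start with a space
                while (i < NF && substr($(i + 1), 1, 1) == " ") {
                    i++; line = line substr($i, 2)
                }
                if (line ~ /^sAMAccountName: /) sam = substr(line, 17)
                else if (line ~ /^objectGUID:: /) guid = substr(line, 14)
            }
            if (sam == "" || guid == "") {
                print "skipped (missing attribute): " $1 > "/dev/stderr"; next
            }
            # 16 raw bytes always base64-encode to 24 chars ending in "=="
            if (length(guid) != 24 || guid !~ /==$/ || guid ~ /[^A-Za-z0-9+\/=]/) {
                print "skipped (not a GUID): " sam > "/dev/stderr"; next
            }
            print sam "@" dom, guid
        }'
}

# Usage: printf '%s' "$SAMPLE_LDIF" | ldif_to_match example.com > /tmp/match
```

In production, replace the embedded sample with `ldif_to_match <company.com> < /tmp/immutables`.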
Now switch to a Windows computer.
Copy the /tmp/match file to that computer.
Start PowerShell.
Install-Module -Name AzureAD
Connect-AzureAD
Log in with administrator credentials.
set-executionpolicy remotesigned
Create a backup of the old immutableIDs (-Top caps the export at 2000 users; use -All $true instead if the tenant has more):
Get-AzureADUser -Top 2000 | Select-Object UserPrincipalName,ImmutableId > C:\Users\Public\BackupImmutable.txt
Set the new immutableIDs (-ObjectId also accepts a UPN, so this assumes each user's UPN is <sAMAccountName>@<company.com>):
Get-Content <wherever match is> | ForEach-Object { $mail, $immut = $_ -split ' '; Set-AzureADUser -ObjectId $mail -ImmutableId $immut }